[CWD-4342] Don't try to invalidate a session ID of an empty string - Create and track feature requests for Atlassian products.

Type: Suggestion
Resolution: Fixed
Fix Version/s: 2.8.3
Component/s: None
Labels:
None

Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Since ~~CWD-4271~~, deleting an empty session token results in invalidating all sessions. As this was never an expected value, specifically check for it and fail locally.

At the same time, check for cases that are calling this conditionally on having a session token and ensure they don't treat it as something that can be invalidated.

causes

JRACLOUD-65801 All users are logged out of JIRA Cloud every 1 or 2 minutes

Closed

is related to

JRACLOUD-41559 Some REST calls return 200 with no body and AUTHENTICATED_FAILED

Closed

JRACLOUD-65801 All users are logged out of JIRA Cloud every 1 or 2 minutes

Closed

JRASERVER-41559 Some REST calls return 200 with no body and AUTHENTICATED_FAILED

Gathering Impact

relates to

JRACLOUD-65853 Upgrade Crowd to 2.8.3+

Closed

CWD-4271 As an admin, I want to bulk-expire SSO sessions

Closed

mentioned in: Page Loading...; Page Loading...

(1 relates to, 2 mentioned in)

Assignee:: joe

Reporter:: joe

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Created:: 04/May/2015 3:56 AM

Updated:: 19/Sep/2019 5:51 AM

Resolved:: 07/May/2015 12:13 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates